<?php
require_once("vcl/vcl.inc.php");
require_once("lib/db_connection.php");
require_once("lib/validate.php");
//Includes
use_unit("components4phpfull/jtiframe.inc.php");
use_unit("menus.inc.php");
use_unit("comctrls.inc.php");
use_unit("components4phpfull/jtdivwindow.inc.php");
use_unit("components4phpfull/jtsitetheme.inc.php");
use_unit("forms.inc.php");
use_unit("extctrls.inc.php");
use_unit("stdctrls.inc.php");

//Class definition
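/**
 * Login page: client-side handlers for the login form, a company registration handler and the
 * server-side credential check.
 *
 * Methods with "JS" in their name leave PHP mode and emit JavaScript text; the others run on the
 * server. None of the handlers in this class reads $sender or $params.
 *
 * Security notes for maintainers:
 *  - Every value placed in SQL goes through sqlQuote(). The file uses the legacy mysql_* API
 *    (removed in PHP 7); mysql_real_escape_string() is only dependable when the connection
 *    character set was selected with mysql_set_charset(). Prepared statements (mysqli/PDO) are the
 *    durable fix once lib/db_connection.php is migrated.
 *  - Passwords are stored and compared as unsalted SHA-1, which is not a password hash. Plan a
 *    migration to password_hash()/password_verify(); it needs a wider column and a rehash on the
 *    next successful login, so it is flagged here rather than changed silently.
 *  - Database error text is written to the server log instead of being sent to the browser.
 */
class login extends Page
{
    // Page components; all start as null.
    public $imgTooCool = null;
    public $JTFlash = null;
    public $btnClose = null;
    public $divreg = null;
    public $Image2 = null;
    public $Label6 = null;
    public $Label5 = null;
    public $Label4 = null;
    public $imgE2 = null;
    public $imgE1 = null;
    public $imgReg = null;
    public $Image1 = null;
    public $imghead = null;
    public $JTRegister = null;
    public $btnLogin = null;
    public $imgJtech = null;
    public $imgPower = null;
    public $imgFooter = null;
    public $imgBg = null;
    public $imgAmps = null;
    public $imgFF = null;
    public $Label3 = null;
    public $Label2 = null;
    public $Label1 = null;
    public $JTSiteTheme1 = null;
    public $btnRegister = null;
    public $lblError = null;
    public $edPassword = null;
    public $edUsername = null;

    /** Emits JS that restores the default picture of imgTooCool. */
    function imgTooCoolJSMouseOut($sender, $params)
    {

        ?>
        document.getElementById('imgTooCool').src="image/too_cool.png"
        <?php

    }

    /** Emits JS that swaps imgTooCool to its hover picture. */
    function imgTooCoolJSMouseOver($sender, $params)
    {

        ?>
        document.getElementById('imgTooCool').src="image/too_cool2.png"
        <?php

    }

    /** Emits JS that restores the default picture of btnClose. */
    function btnCloseJSMouseOut($sender, $params)
    {

        ?>
        document.getElementById('btnClose').src="image/btn_reg.png"
        <?php

    }

    /** Emits JS that swaps btnClose to its hover picture. */
    function btnCloseJSMouseOver($sender, $params)
    {

        ?>
        document.getElementById('btnClose').src="image/btn_reg2.png"
        <?php

    }

    /** Emits JS that calls Hide() on the divreg element. */
    function btnCloseJSClick($sender, $params)
    {

        ?>
        document.getElementById('divreg').Hide();
        <?php

    }

    /** Emits JS that drops the italic placeholder styling of the password box while typing. */
    function edPasswordJSKeyDown($sender, $params)
    {

        ?>
        document.getElementById('edPassword').style.fontStyle = 'normal';
        <?php

    }

    /** Emits JS that drops the italic placeholder styling of the username box while typing. */
    function edUsernameJSKeyDown($sender, $params)
    {

        ?>
        document.getElementById('edUsername').style.fontStyle = 'normal';
        <?php

    }

    /** Emits JS that clears the 'Username' placeholder text and restyles the box on focus. */
    function edUsernameJSFocus($sender, $params)
    {

        ?>
        document.getElementById('edUsername').style.color='white';
        document.getElementById('edUsername').style.fontStyle = 'normal';
        var uname = document.getElementById('edUsername').value;
        if(uname=='Username')
        {
        document.getElementById('edUsername').value='';
        }
        <?php

    }

    /** Emits JS that puts the grey italic 'Username' placeholder back when the box is left empty. */
    function edUsernameJSBlur($sender, $params)
    {

        ?>
        var uname = document.getElementById('edUsername').value;
        if(uname=='')
        {
        document.getElementById('edUsername').style.color='gray';
        document.getElementById('edUsername').style.fontStyle = 'italic';
        document.getElementById('edUsername').value='Username';
        }
        <?php

    }

    /**
     * Emits JS that puts the 'Password' placeholder back when the box is left empty.
     *
     * The input is switched to type 'text' only in that empty case, so that the placeholder word
     * is readable; the click/focus handlers switch it back to type 'password'.
     */
    function edPasswordJSBlur($sender, $params)
    {

        ?>
        var pass = document.getElementById('edPassword').value;
        if(pass=='')
        {
        document.getElementById('edPassword').type='text';
        document.getElementById('edPassword').style.color='gray';
        document.getElementById('edPassword').style.fontStyle = 'italic';
        document.getElementById('edPassword').value='Password';
        }
        <?php

    }

    /** Emits JS that clears the 'Username' placeholder text when the box is clicked. */
    function edUsernameJSClick($sender, $params)
    {

        ?>
        document.getElementById('edUsername').style.color='white';
        var uname = document.getElementById('edUsername').value;
        if(uname=='Username')
        {
        document.getElementById('edUsername').value='';
        }
        <?php

    }

    /** Emits JS that masks the password box again and clears the 'Password' placeholder on click. */
    function edPasswordJSClick($sender, $params)
    {

        ?>
        document.getElementById('edPassword').type='password';
        document.getElementById('edPassword').style.color='white';
        var pass = document.getElementById('edPassword').value;
        if(pass=='Password')
        {
        document.getElementById('edPassword').value='';
        }
        <?php

    }

    /** Emits JS that masks the password box again and clears the 'Password' placeholder on focus. */
    function edPasswordJSFocus($sender, $params)
    {

        ?>
        document.getElementById('edPassword').type='password';
        document.getElementById('edPassword').style.color='white';
        var pass = document.getElementById('edPassword').value;
        if(pass=='Password')
        {
        document.getElementById('edPassword').value='';
        }
        <?php

    }

    /** Emits JS that restores the default picture of btnLogin. */
    function btnLoginJSMouseOut($sender, $params)
    {

        ?>
        document.getElementById('btnLogin').src="image/login_btn.png"
        <?php

    }

    /** Emits JS that swaps btnLogin to its hover picture. */
    function btnLoginJSMouseOver($sender, $params)
    {

        ?>
        document.getElementById('btnLogin').src="image/login_btn2.png"
        <?php

    }

    /**
     * Emits the page-load JS: centres the layout on a 1348px design width, installs the
     * Username/Password placeholders, and turns Internet Explorer visitors away.
     *
     * NOTE(review): the Internet Explorer branch sends the browser to an external plain-HTTP
     * address; confirm that destination is still one the project intends users to reach.
     */
    function loginJSLoad($sender, $params)
    {

        ?>
        var width = 1348;
        var left = Math.floor((screen.availWidth/2) - (width/2));
        var left_bg = left-15;
        var left_footer = left+68;
        var left_power = left+579;
        var left_jtech = left+642;
        var left_amps = left+119;
        var left_ff = left+128;
        var left_tc = left+130;
        var left_label = left+176;
        var left_error = left+119;
        var left_editus = left+125;
        var left_editpw = left+258;
        var left_e1 = left+119;
        var left_e2 = left+252;
        var left_login = left+385;
        var left_frame = left+769;
        var left_reg = left+736;
        document.getElementById('imgBg_outer').style.left = left_bg;
        document.getElementById('imgFooter_outer').style.left = left_footer;
        document.getElementById('imgPower_outer').style.left = left_power;
        document.getElementById('imgJtech_outer').style.left = left_jtech;
        document.getElementById('imgAmps_outer').style.left = left_amps;
        document.getElementById('imgFF_outer').style.left = left_ff;
        document.getElementById('imgTooCool_outer').style.left = left_tc;
        document.getElementById('Label1_outer').style.left = left_label;
        document.getElementById('Label2_outer').style.left = left_label;
        document.getElementById('Label3_outer').style.left = left_label;
        document.getElementById('lblError_outer').style.left = left_error;
        document.getElementById('edUsername_outer').style.left = left_editus;
        document.getElementById('edPassword_outer').style.left = left_editpw;
        document.getElementById('imgE1_outer').style.left = left_e1;
        document.getElementById('imgE2_outer').style.left = left_e2;
        document.getElementById('btnLogin_outer').style.left = left_login;
        document.getElementById('JTRegister_outer').style.left = left_frame;
        document.getElementById('imgReg_outer').style.left = left_reg;

        document.getElementById('edUsername').style.color = 'gray';
        document.getElementById('edUsername').style.fontStyle = 'italic';
        document.getElementById('edPassword').style.fontStyle = 'italic';
        document.getElementById('edPassword').style.color = 'gray';
        document.getElementById('edUsername').value = 'Username';
        document.getElementById('edPassword').type = 'text';
        document.getElementById('edPassword').value = 'Password';

        if(navigator.appName=="Microsoft Internet Explorer")
        {
            alert("AMPS is too cool for internet explorer");
            window.location = "http://www.w3junkies.com/toocool/";
        }
        <?php

    }

    /** Emits JS that calls Show() on the JTDivRegisterComp element. */
    function btnRegisterJSClick($sender, $params)
    {

        ?>
        document.getElementById( "JTDivRegisterComp" ).Show();
        <?php

    }

    /**
     * Blanks every registration input.
     *
     * NOTE(review): most of these controls are not declared as properties of this class; confirm
     * they exist on the form this handler is attached to.
     */
    function JTDivRegisterCompShow($sender, $params)
    {
        $this->edCompanyName->Text = '';
        $this->edTaxIdNum->Text = '';
        $this->edAddress->Text = '';
        $this->edAddress2->Text = '';
        $this->edLname->Text = '';
        $this->edFname->Text = '';
        $this->edMname->Text = '';
        $this->edMobile->Text = '';
        $this->edPhone->Text = '';
        $this->edFax->Text = '';
        $this->edSlogan->Text = '';
        $this->edWebsite->Text = '';
        $this->edEmail->Text = '';
        $this->edUsername->Text = '';
        $this->edPassword->Text = '';
        $this->edPassword2->Text = '';
    }

    /**
     * Emits JS that shows a success alert on click.
     *
     * NOTE(review): the alert is shown by the click itself, before btnSubmitClick() has validated
     * or stored anything.
     */
    function btnSubmitJSClick($sender, $params)
    {

        ?>
        window.alert('successfully created user!')
        <?php

    }

    /** Returns the visitor to login.php. */
    function btnCancelClick($sender, $params)
    {
        redirect('login.php');
    }

    /**
     * Validates the registration form and, when it passes, stores the company and its first account.
     *
     * Changes from the earlier version, all on the input-handling path:
     *  - every form value is quoted through sqlQuote() instead of being concatenated raw;
     *  - a password mismatch now stops the registration instead of only setting the caption;
     *  - an empty password is rejected instead of being replaced by a fixed default;
     *  - the password is stored as sha1(), the form check_login() compares against, rather than
     *    in clear text.
     *
     * NOTE(review): edPassword2, lblPasswordError, lblerror2, cmbBusiness, cmbCountry and most
     * inputs are not declared on this class; confirm they exist on the form.
     */
    function btnSubmitClick($sender, $params)
    {
        $validator = new validate();
        $fields = array(
            $this->edCompanyName->Text,
            $this->edAddress->Text,
            $this->edLname->Text,
            $this->edFname->Text,
            $this->edPhone->Text,
            $this->edUsername->Text,
            $this->edPassword->Text,
            $this->edPassword2->Text,
        );

        if ($validator->validateRequiredFields($fields) == true) {
            if ($this->edPassword->Text != $this->edPassword2->Text) {
                $this->lblPasswordError->setCaption('Passwords did not match');
                $this->lblError->setCaption('Passwords did not match');
                return;
            }

            // Never fall back to a well-known default password; refuse the registration instead.
            if ($this->edPassword->Text == '') {
                $this->lblError->setCaption('Password is required');
                return;
            }

            // NOTE(review): MAX()+1 is read before the INSERT, so two simultaneous registrations
            // (or a deleted last row) can attach the account to the wrong company_id. Confirm
            // whether company_id is AUTO_INCREMENT and switch to mysql_insert_id() if so.
            $result_company_id = $this->runQuery(
                "SELECT MAX(company_id) as max FROM company_tbl",
                'SELECT COMPANY ID'
            );
            $row_company_id = mysql_fetch_array($result_company_id);
            $company_id = $row_company_id['max'] + 1;

            $company = array(
                'company_name'  => $this->edCompanyName->Text,
                'tax_idno'      => $this->edTaxIdNum->Text,
                'address'       => $this->edAddress->Text,
                'address2'      => $this->edAddress2->Text,
                'lname'         => $this->edLname->Text,
                'fname'         => $this->edFname->Text,
                'mname'         => $this->edMname->Text,
                'business_type' => $this->cmbBusiness->getItemIndex(),
                'country'       => $this->cmbCountry->getItemIndex(),
                'mobile'        => $this->edMobile->Text,
                'contact_no'    => $this->edPhone->Text,
                'fax_no'        => $this->edFax->Text,
                'comp_slogan'   => $this->edSlogan->Text,
                'website'       => $this->edWebsite->Text,
                'general_email' => $this->edEmail->Text,
            );
            $company_values = array();
            foreach ($company as $value) {
                $company_values[] = $this->sqlQuote($value);
            }
            $this->runQuery(
                "INSERT INTO company_tbl (" . implode(', ', array_keys($company)) . ")
                 VALUES (" . implode(', ', $company_values) . ")",
                'INSERT COMPANY'
            );

            // Stored in the same form check_login() compares against. Unsalted SHA-1 is weak;
            // see the class-level note about moving to password_hash().
            $password_digest = sha1($this->edPassword->Text);

            $this->runQuery(
                "INSERT INTO accounts_tbl (username, password, company_id, company_name, status)
                 VALUES (" . $this->sqlQuote($this->edUsername->Text) . ",
                 " . $this->sqlQuote($password_digest) . ",
                 " . $this->sqlQuote($company_id) . ",
                 " . $this->sqlQuote($this->edCompanyName->Text) . ",
                 '0')",
                'INSERT ACCOUNT'
            );

            echo "<script language=javascript>
            alert('Successfully created an account!')
            window.location='login.php';
            </script>";
        } else {
            // Collect the label of every required field that failed, in form order.
            $required = array(
                array($this->edCompanyName->Text, 'Company Name, '),
                array($this->edAddress->Text, 'Address, '),
                array($this->edFname->Text, 'Contact First Name, '),
                array($this->edLname->Text, 'Contact Last Name, '),
                array($this->edPhone->Text, 'Contact Number, '),
                array($this->edUsername->Text, 'Username, '),
                array($this->edPassword->Text, 'Password, '),
                array($this->edPassword2->Text, 'Confirm Password, '),
            );
            $error_fields = '';
            foreach ($required as $pair) {
                $error_fields .= $validator->validateRequired($pair[0], $pair[1]);
            }
            $error_message = $validator->addRequiredMessage($error_fields);
            $this->lblerror2->setCaption($error_message);
        }
    }

    /** Sends the visitor to register_main.php. */
    function btnRegisterClick($sender, $params)
    {
        redirect('register_main.php');
    }

    /**
     * Page-creation handler: optional auto-login from the query string, then form reset.
     *
     * When both param1 (password) and param2 (username) are present they are base64-decoded, put
     * into the inputs and passed to check_login(). A truthy "error" parameter shows the failed
     * login caption. The inputs are always blanked at the end.
     *
     * NOTE(review): base64 is an encoding, not protection. Credentials carried in the URL end up
     * in web-server access logs, browser history and Referer headers. The pages that link here
     * with param1/param2 are not visible from this file; they should move to a POST body or a
     * short-lived single-use token, after which this branch can be removed.
     */
    function loginCreate($sender, $params)
    {
        // Absent or non-string (array-style) parameters are treated as not supplied.
        $param1 = (isset($_GET['param1']) && is_string($_GET['param1'])) ? $_GET['param1'] : '';
        $param2 = (isset($_GET['param2']) && is_string($_GET['param2'])) ? $_GET['param2'] : '';

        if ($param1 !== '' && $param2 !== '') {
            $param_password = base64_decode($param1);
            $param_username = base64_decode($param2);

            $this->edUsername->setText($param_username);
            $this->edPassword->setText($param_password);
            $this->check_login();
        }

        $this->imgFF->setLink('http://www.mozilla.com');
        $this->imgFF->setLinkTarget('_blank');
        $this->lblError->setCaption('');

        if (!empty($_GET['error'])) {
            $this->lblError->setCaption('Incorrect Username and/or Password');
        }

        $this->edUsername->Text = '';
        $this->edPassword->Text = '';
    }

    /** Server-side click handler of the login button; delegates to check_login(). */
    function btnLoginClick($sender, $params)
    {
        $this->check_login();
    }

    /**
     * Checks the submitted credentials and, on success, fills the session and forwards the user.
     *
     * Login succeeds only when an accounts_tbl row matches the username and sha1(password), that
     * row's approval value is non-zero, and the owning company's approval is non-zero. Any other
     * outcome redirects to login.php?error=1 without saying which check failed.
     *
     * The username used to be concatenated into the query unescaped, which let crafted input
     * rewrite the WHERE clause; it is now quoted through sqlQuote(). The account query, formerly
     * issued twice, is issued once.
     *
     * NOTE(review): btnSubmitClick() writes a "status" column while this method reads "approval"
     * from accounts_tbl; confirm the column exists, otherwise every login is rejected.
     */
    function check_login()
    {
        $query_account = "SELECT * FROM accounts_tbl WHERE
         username=" . $this->sqlQuote($this->edUsername->Text) . " AND
         password=" . $this->sqlQuote(sha1($this->edPassword->Text));
        $result_account = $this->runQuery($query_account, 'SELECT ACCOUNT');
        $row_account = mysql_fetch_array($result_account);

        if (!$row_account) {
            redirect('login.php?error=1');
            return; // whether redirect() ends the script is not visible from this file
        }

        $query_check_company = "SELECT approval FROM company_tbl WHERE company_id="
            . $this->sqlQuote($row_account['company_id']);
        $result_check_company = $this->runQuery($query_check_company, 'SELECT COMPANY APPROVAL');
        $row_check_company = mysql_fetch_array($result_check_company);
        $comp_approval = $row_check_company ? $row_check_company['approval'] : null;

        // Loose comparison kept on purpose: NULL, '' and '0' all count as "not approved".
        if ($row_account['approval'] == 0 || $comp_approval == 0) {
            redirect('login.php?error=1');
            return;
        }

        // Issue a fresh session id at the privilege change so an id that was planted or observed
        // before login cannot be reused afterwards (session fixation).
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        $company_id = $row_account['company_id'];
        $_SESSION['company_id'] = $company_id;
        $_SESSION['company_name'] = $row_account['company_name'];
        $_SESSION['username'] = $this->edUsername->getText();
        $_SESSION['isAdmin'] = $row_account['admin'];
        $_SESSION['userId'] = $row_account['auto_id'];

        $areas = array('vehicle', 'part', 'tire', 'route', 'settings');
        if ($row_account['created_by'] == 'admin_amps_admin') {
            // Accounts created by this hard-coded creator name get the value '2' in every area.
            foreach ($areas as $area) {
                $_SESSION['access_' . $area] = '2';
            }
        } else {
            $query_access = "SELECT * FROM accounts_access_level WHERE id="
                . $this->sqlQuote($row_account['access_level_id']);
            $result_access = $this->runQuery($query_access, 'SELECT ACCESS');
            $row_access = mysql_fetch_array($result_access);
            // A missing access-level row leaves every area NULL.
            // NOTE(review): confirm the pages reading these keys treat NULL as "no access".
            foreach ($areas as $area) {
                $_SESSION['access_' . $area] = $row_access ? $row_access[$area] : null;
            }
        }

        $query_agree = "SELECT * FROM agreement_tbl WHERE company_id=" . $this->sqlQuote($company_id);
        $result_agree = $this->runQuery($query_agree, 'AGREEMENT');
        $row_agree = mysql_fetch_array($result_agree);
        $agree = $row_agree ? $row_agree['agree'] : null;

        $query_flag_default = "SELECT flag_default,flag_route FROM company_tbl WHERE company_id="
            . $this->sqlQuote($company_id);
        $result_flag_default = $this->runQuery($query_flag_default, 'SELECT FLAG DEFAULT');
        $row_f_def = mysql_fetch_array($result_flag_default);
        $_SESSION['route_log'] = $row_f_def ? $row_f_def['flag_route'] : null;

        $this->insertLog();

        if ($agree == 1) {
            echo "<script type=text/javascript>
              document.location.href = 'main.php';
              </script>";
        }

        // A missing agreement row also lands here (NULL == 0).
        // NOTE(review): the session is already fully populated at this point; confirm that
        // main.php and the other protected pages check the agreement themselves.
        if ($agree == 0) {
            echo "<script type=text/javascript>
         var win_height = 550;
         var win_width = 600;
         var height = window.outerHeight;
         var width = window.outerWidth;
         var top = Math.round((height-win_height)/2);
         var left = Math.round((width-win_width)/2);
         pop_agree = window.open('agreement.php','agreement_window','location=no,height='+win_height+',width='+win_width+',top='+top+',left='+left);
         if(!pop_agree)
         {
          alert('Please change your browser settings to allow pop-up windows.');
         }
         </script>";
        }
    }

    /**
     * Records the successful login in accounts_log.
     *
     * ip_add1 is the socket peer address (REMOTE_ADDR). ip_add2 is the X-Forwarded-For request
     * header when one was sent, otherwise REMOTE_ADDR again. That header is chosen by the client,
     * so ip_add2 is informational only: never base an access decision on it, and HTML-escape it
     * wherever the log is displayed. Both it and the session username were previously written
     * into the INSERT unescaped; every value is now quoted through sqlQuote().
     */
    function insertLog()
    {
        $ip_1 = $_SERVER["REMOTE_ADDR"];
        $ip_2 = trim(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $ip_1);

        $username = $_SESSION['username'];
        $company = $_SESSION['company_id'];
        $date = date("Y-m-d");
        $time = date("H:i:s");

        $query_ins_log = "INSERT INTO accounts_log (act_name, company_id, ip_add1, ip_add2,
         log_date, log_time) VALUES (" . $this->sqlQuote($username) . "," . $this->sqlQuote($company) . ",
         " . $this->sqlQuote($ip_1) . "," . $this->sqlQuote($ip_2) . ","
            . $this->sqlQuote($date) . "," . $this->sqlQuote($time) . ")";
        $this->runQuery($query_ins_log, 'INSERT LOG');
    }

    /**
     * Returns $value as a single-quoted, escaped SQL string literal.
     *
     * Relies on the connection already opened by the included database library, because
     * mysql_real_escape_string() escapes according to the current link's character set.
     */
    private function sqlQuote($value)
    {
        return "'" . mysql_real_escape_string((string) $value) . "'";
    }

    /**
     * Runs a query and stops the request on failure.
     *
     * The driver's error message is written to the server log only; the browser receives just the
     * short label, so table and column names are not disclosed to the visitor.
     *
     * @param string $sql   Complete SQL statement, with every value already quoted.
     * @param string $label Short name of the operation, used in the log line and the die() text.
     * @return mixed Whatever mysql_query() returned on success.
     */
    private function runQuery($sql, $label)
    {
        $result = mysql_query($sql);
        if ($result === false) {
            error_log($label . ' - ' . mysql_error());
            die($label);
        }
        return $result;
    }
}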

// Both the application object and this page instance are reached through globals.
global $application, $login;

// Build the page object, handing it the application object.
$login = new login($application);

// Load this page's resource data, located via the path of this file.
$login->loadResource(__FILE__);

// Render the page.
$login->show();

?>